This project's continuity is at risk. If Internet routing security is important to you, throw a lifeline! Please donate to the 2026 fundraising campaign.

Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/HcMkileo_0EF6RlmVfBf3JEdfPY.roa
File:                     HcMkileo_0EF6RlmVfBf3JEdfPY.roa (raw, json)
Hash identifier:          k7v3xuvK+zQ+5XYDIN3coFnyw3zL/+ws1ruHBjTbYgc=
Subject key identifier:   1D:C3:24:8A:57:A8:FF:41:05:E9:19:66:55:F0:5F:DC:91:1D:7C:F6
Certificate issuer:       /CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
Certificate serial:       019BC5EB6D2E9B0BE51B92F6E7EC0208BAEE
Authority key identifier: 51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/HcMkileo_0EF6RlmVfBf3JEdfPY.roa
Signing time:             Fri 16 Jan 2026 08:28:19 +0000
ROA not before:           Fri 16 Jan 2026 08:28:19 +0000
ROA not after:            Thu 01 Jul 2027 00:00:00 +0000
asID:                     25198
IP address blocks:        212.100.189.0/24 maxlen: 24
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Tue 20 Jan 2026 08:02:31 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:9b:c5:eb:6d:2e:9b:0b:e5:1b:92:f6:e7:ec:02:08:ba:ee
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=51b49ba0dd8615128618d50159cb0f3b5e9ee626
        Validity
            Not Before: Jan 16 08:28:19 2026 GMT
            Not After : Jul  1 00:00:00 2027 GMT
        Subject: CN=1dc3248a57a8ff4105e9196655f05fdc911d7cf6
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:cd:64:06:c4:8b:d4:d8:33:29:4f:09:34:ac:d1:
                    50:db:29:4b:ac:2f:81:e2:27:b9:06:da:dc:fb:ed:
                    f0:7f:0b:78:22:14:42:28:7b:f0:c8:09:6d:a3:a6:
                    5a:aa:fc:6b:07:ca:8b:07:82:79:1a:ec:a4:7e:53:
                    fc:4f:9e:50:6f:70:c1:e6:f1:8a:6b:b5:a2:a3:47:
                    3d:c8:de:c7:d4:d7:b7:02:ba:9b:5b:9c:6f:ab:61:
                    48:ca:ee:ae:eb:92:c7:b1:0b:ee:c6:d5:4b:7d:2f:
                    d0:e5:3d:68:05:48:d2:94:1a:74:54:08:4d:23:4b:
                    17:39:cf:9b:47:6e:c4:b2:28:3f:17:7c:b8:3b:02:
                    96:b5:7a:9e:c5:05:7b:3b:ba:7d:8f:89:c5:e3:cf:
                    ad:24:6b:56:42:8d:25:8e:e3:ee:97:82:22:f0:ce:
                    b3:be:c4:46:16:11:50:c4:05:e3:79:ad:c5:99:96:
                    a6:e5:a4:8c:86:7d:e6:94:46:90:db:c3:9e:23:58:
                    f6:b5:24:84:f2:7c:c1:d4:a6:c2:5c:22:d4:69:07:
                    c3:e1:04:bc:24:62:b8:6f:9d:7a:0d:f6:e4:ea:16:
                    01:75:8d:c3:d5:1d:67:97:e0:98:95:86:ac:25:1e:
                    29:68:f1:1b:07:b6:96:65:e8:4c:fe:b3:91:f3:16:
                    70:89
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                1D:C3:24:8A:57:A8:FF:41:05:E9:19:66:55:F0:5F:DC:91:1D:7C:F6
            X509v3 Authority Key Identifier:
                keyid:51:B4:9B:A0:DD:86:15:12:86:18:D5:01:59:CB:0F:3B:5E:9E:E6:26

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UbSboN2GFRKGGNUBWcsPO16e5iY.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/HcMkileo_0EF6RlmVfBf3JEdfPY.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/26c049-47ee-4886-9844-4ab9e8aa3262/1/UbSboN2GFRKGGNUBWcsPO16e5iY.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  212.100.189.0/24

    Signature Algorithm: sha256WithRSAEncryption
         b3:ba:89:17:87:80:84:ca:b1:0b:99:2d:44:37:1e:c4:e0:d9:
         ea:30:e5:e1:60:9b:c8:a8:d7:97:e6:cd:67:3e:2f:2a:88:47:
         0a:ae:db:dd:ad:79:b5:59:ee:07:4b:d7:61:36:ff:45:72:55:
         2d:e8:f0:90:d5:af:52:c1:16:ea:e8:9d:be:3a:e3:75:6f:84:
         a3:46:18:24:61:59:7e:38:dd:4d:3a:08:62:d2:0f:3a:30:6d:
         21:1d:30:68:15:bc:49:70:80:dc:b5:e5:69:00:32:fb:e0:4f:
         aa:11:d5:7c:b5:79:d1:ec:86:8b:be:ce:1c:3a:48:11:36:cf:
         a4:be:ea:1e:dc:fd:14:92:44:bd:09:d5:c9:2a:43:99:55:32:
         a2:f1:23:3d:db:d2:be:67:ab:87:c0:33:c7:16:e0:ee:17:36:
         21:66:4f:66:27:ee:cb:78:4d:52:64:b5:2e:85:f0:e4:54:83:
         04:1c:51:45:eb:23:d8:10:54:df:98:49:b1:34:ac:06:e8:ba:
         f8:b6:67:73:ee:e1:cf:33:56:72:db:49:6d:a5:4c:a1:49:a4:
         bb:0f:7f:68:e4:d7:5c:9f:7f:2b:b5:3b:85:c0:25:77:d1:a4:
         ba:6a:ee:c4:96:09:ee:45:8d:8c:e6:06:1c:43:12:65:73:9e:
         38:f8:29:c9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZvF620umwvlG5L25+wCCLruMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxYjQ5YmEwZGQ4NjE1MTI4NjE4ZDUwMTU5Y2IwZjNiNWU5
ZWU2MjYwHhcNMjYwMTE2MDgyODE5WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGMzMjQ4YTU3YThmZjQxMDVlOTE5NjY1NWYwNWZkYzkxMWQ3Y2Y2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzWQGxIvU2DMpTwk0rNFQ2ylLrC+B
4ie5Btrc++3wfwt4IhRCKHvwyAlto6ZaqvxrB8qLB4J5GuykflP8T55Qb3DB5vGK
a7Wio0c9yN7H1Ne3ArqbW5xvq2FIyu6u65LHsQvuxtVLfS/Q5T1oBUjSlBp0VAhN
I0sXOc+bR27Esig/F3y4OwKWtXqexQV7O7p9j4nF48+tJGtWQo0ljuPul4Ii8M6z
vsRGFhFQxAXjea3FmZam5aSMhn3mlEaQ28OeI1j2tSSE8nzB1KbCXCLUaQfD4QS8
JGK4b516Dfbk6hYBdY3D1R1nl+CYlYasJR4paPEbB7aWZehM/rOR8xZwiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFB3DJIpXqP9BBekZZlXwX9yRHXz2MB8GA1UdIwQY
MBaAFFG0m6DdhhUShhjVAVnLDztenuYmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQt
NGFiOWU4YWEzMjYyLzEvSGNNa2lsZW9fMEVGNlJsbVZmQmYzSkVkZlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS8yNmMwNDktNDdlZS00ODg2LTk4NDQtNGFiOWU4YWEzMjYy
LzEvVWJTYm9OMkdGUktHR05VQldjc1BPMTZlNWlZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQA1GS9MA0G
CSqGSIb3DQEBCwUAA4IBAQCzuokXh4CEyrELmS1ENx7E4NnqMOXhYJvIqNeX5s1n
Pi8qiEcKrtvdrXm1We4HS9dhNv9FclUt6PCQ1a9SwRbq6J2+OuN1b4SjRhgkYVl+
ON1NOghi0g86MG0hHTBoFbxJcIDcteVpADL74E+qEdV8tXnR7IaLvs4cOkgRNs+k
vuoe3P0UkkS9CdXJKkOZVTKi8SM929K+Z6uHwDPHFuDuFzYhZk9mJ+7LeE1SZLUu
hfDkVIMEHFFF6yPYEFTfmEmxNKwG6Lr4tmdz7uHPM1Zy20ltpUyhSaS7D39o5Ndc
n38rtTuFwCV30aS6au7ElgnuRY2M5gYcQxJlc544+CnJ
-----END CERTIFICATE-----